South American Hacker Group Targets Journalists And Dissidents

A group of hackers believed to have sent malware to an Argentine prosecutor who died mysteriously this year has been targeting South American journalists and dissidents, according to the Citizen Lab, an Internet watchdog, the Associated Press reported. The Argentine prosecutor, Alberto Nisman, made international headlines when he died mysteriously while attempting to bring charges against the country’s president.

The scope of the hackers’ targets indicates state sponsorship, as do the targets themselves.

The hackers have launched dummy websites and have attacked Ecuadorean journalists and opposition figures with spyware. One dummy website targeting Venezuela carried news that reported questionable “scoops” alleging corruption among the governing socialists. In Ecuador, a dummy website was tailored to attract dissatisfied former police officers.

A Three-Month Investigation

Researchers conducted a three-month investigation after determining the spyware on Nisman’s smartphone was written to transmit pilfered data to the same command-and-control structure as the malware sent to Ecuadorean targets. Investigators said the hackers demonstrated a systematic and keen interest in the independent press and the political opposition in the three countries, all of which are led by left-wing governments.

The hackers threatened a Citizen Lab researcher in September who investigated a U.S.-based machine that the group managed to infect. A message that appeared on the researcher’s computer screen threatened to “analyze your brain with a bullet – and your family’s too.” It said he should know that playing a spy has a cost “— your life.”

Morgan Marquis-Boire, one of the researchers, said the message displayed unusual behavior for professional hackers, indicating little fear of criminal prosecution.

In November, the group tried to infect an Associated Press reporter’s computer with a phishing attack in order to steal a Google password.

The researchers were able to identify the group through intertwined Internet domains and email signatures sent to infect computers. The group has been active for seven years and has used hosting services in Brazil since at least 2008, the researchers said.

Privacy Rules Impede Further Research

Identifying the source of the hacking may require court orders on account of the Internet hosting companies’ privacy rules.

Targets received an email from a dummy organization claiming to oppose Ecuadorean President Rafael Correa. Other targets received a message, falsely signed by an opposition leader, that claimed to reveal the identities of persons investigated by Ecuador’s spy agency.

People who clicked on embedded links became infected with spyware that surreptitiously pulled information and sent it to the group’s servers.

Researchers referred to the servers as “Packrat.” The name Packrat was chosen because the hackers use commercial packages of remote access trojans that affect smartphones and computers. These enable hackers to capture text messages, emails and keystrokes. The software can also hijack webcams and microphones.

Researchers said the malware was packaged to evade anti-virus detection.

A Sophisticated Hacker Operation

John Scott-Railton, the lead Citizen Lab researcher at the University of Toronto’s Munk School for Global Affairs, said the operation is highly targeted. He said Packrat carefully chooses and relentlessly pursues its targets.

The hackers used the same Internet domains for years as a technical convenience, even though doing so carried some exposure. Cybercriminals normally do not do this for fear of being caught by law enforcement.

The researchers found 35 types of booby-trapped files and found that the group used domains hosted by companies in the U.S., Uruguay, Sweden, Spain, France, Brazil and Argentina.

About two dozen “seeding” sites resided on servers owned by GoDaddy.com LLC, a U.S.-based web hosting company, for much of the past two years. GoDaddy-hosted domain names included login-office365.com, mgoogle.us, update-outlook.com and soporte-yahoo.com.

Researchers alerted most of the providers Friday and asked that they shutter Packrat’s known infrastructure. Nick Fuller, a GoDaddy spokesperson, said GoDaddy acts immediately after identifying a problem website.

Packrat Targeted Nisman

The researchers started the investigation after determining that Packrat had targeted Nisman, who died mysteriously of a gunshot wound in January while attempting to bring charges against Argentina’s president.

Researchers said Packrat sent Jorge Lanata, an Argentine journalist, the same virus Nisman received a month prior to his death.

The virus was designed to communicate with the same Internet domains used to spy on Ecuadorean opposition figures, who found Packrat malware in their emails using search scripts the researchers wrote.

Scott-Railton said the targets, most of which are in Ecuador, probably represent only a small portion of the group’s activity. He said he doubted that the Brazil-focused operations have stopped.

Packrat targeted Ecuadorean reporters, environmental activists and Crudo Ecuador, a satirist who mocked the president. It launched a website to mirror the Ecuador National Assembly’s email web interface, an attempt to gain lawmakers’ passwords and usernames, according to the researchers.

Janet Hinostroza, a journalist who won a press freedom award in 2013 from the Committee to Protect Journalists, claimed she was hacked in January and in August, a month after she was accused by the interior minister of plotting to overthrow the government. She said she believed the hackers had access to her information.

Hinostroza said she cannot access data on her Apple iCloud since the hackers changed her security questions and her password.

Packrat targets in Ecuador also include Cesar Ricaurte, director of Fundamedios, a press freedom watchdog, and Martha Roldos, an environmental activist. Roldos received 34 malicious emails from Packrat, according to Citizen Lab.

One Packrat-created website, “justice-desvinculados.com,” attempted to attract Ecuadorean police officers who were dismissed following a 2010 revolt over benefits. The website, which has been removed, included an affiliated Twitter account.

The most elaborate website created by the group is one in Venezuela called Pancaliente.info, a compendium of opposition-friendly news that includes inaccurate “scoops” and plagiarized articles. The website, taken offline on Tuesday, provided no contact information but asked readers to enter their email addresses.

Images from Shutterstock and Facebook.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.


Lester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.


Alleged FBI Hacker Lauri Love Ordered to US Extradition by UK Home Secretary

In the long-running court saga of Lauri Love, a British hacker and activist accused of compromising and stealing data from the likes of the FBI, NASA and the US Federal Reserve, the UK’s home secretary has ordered his extradition to the United States.

The 31-year-old Love, who has Asperger’s syndrome, launched a legal challenge to avoid his extradition to the U.S., following a court ruling by a UK judge in September 2016. Love, who suffers from depression and eczema, argued against the extradition ruling, claiming it could lead him to a mental breakdown or suicide. Despite his plea, the ruling district judge, Nina Tempia, determined that Love would be cared for by medical facilities in the United States, while accepting that Love suffered “both physical and mental issues.”

On the other side of the pond, Love potentially faces legal proceedings in three different US jurisdictions, reports the Guardian. Meanwhile, the UK home secretary had been given a deadline of November 16, in order to decide if Love was to be extradited or not. A day before the deadline, Rudd signed the order for Love’s extradition to the US. His lawyers believe he faces up to 99 years in prison if convicted of charges related to hacking.

The UK Home Office stated that Rudd had “carefully considered all relevant matters” before ruling:

The US has ruthlessly persecuted hackers and digital activists for years, and nobody expects that to improve under President Trump. Theresa May set a good example by protecting Gary McKinnon back in 2012. For a home secretary in her government now to willingly send a brilliant and vulnerable UK citizen to Donald Trump’s America beggars belief.

Love’s alleged hacking endeavors were a part of #Oplastresort, an operation by Anonymous, the global hacktivist collective. This particular operation was in response to the treatment endured by Aaron Swartz, a prominent programmer and hacktivist. Charged with two counts of wire fraud, Swartz faced 35 years in prison, asset forfeiture and a million dollars in fines. Swartz committed suicide while facing prosecution for his alleged computer crimes.

Love’s legal defense is certain to bring up the unfortunate series of events that led to Swartz committing suicide under the threat of persecution. Love has 14 days to appeal against Rudd’s order and will almost certainly do so.


An email on behalf of Apollo astronaut Dr. Edgar Mitchell to Clinton campaign chairman John Podesta turned up in the recent data dumps. The email was sent by Rebecca Wright of the Institute of Exoconsciousness.

Mitchell requested in an email dated July 29, 2014 to meet with President Barack Obama to discuss extraterrestrial disclosure, but was partially rebuffed.

“Fifty years ago Battelle, Brookings and RAND studies on UFOs convinced the government to remove knowledge of the extraterrestrial presence from the citizens of our country. These organizations advised with their best information. However, today much, if not most, of the extraterrestrial reality they examined is known by our citizens,” the e-mail states. “These organizations’ resultant strategies and policies of 50 years ago no longer hold credibility or benefit.” Mitchell says a well-informed public is important to further disclosure.

Podesta’s secretary wrote Mitchell saying Mr. Podesta would rather meet alone before arranging a meeting with Obama. A Skype meeting was scheduled for Aug 11, but whether or not the meeting happened is unclear. Mitchell died in February 2016.

According to the leaks, former Blink 182 frontman Tom DeLonge emailed John Podesta twice about extraterrestrial beings.

“Things are moving with the project. The novels, films and nonfiction works are blooming and finishing,” DeLonge said in an October 2015 email to Podesta. “I would like to bring two very ‘important’ people out to meet you in DC. I think you will find them very interesting, as they were principal leadership relating to our sensitive topic.” DeLonge emailed again later.

“When Roswell crashed, they shipped it to the laboratory at Wright Patterson Air Force Base. General McFasland was in charge of that exact laboratory up to a couple years ago,” DeLonge wrote. “He not only knows what I’m trying to achieve, he helped assemble my advisory team. He’s a very important man.”

Hacked reported in 2015 that DeLonge was working on various ET-related projects, and the former pop-punk superstar, whose 1999 album Enema of the State sold 15 million copies worldwide, has since released books and plans to release a documentary on extraterrestrials.

Featured image from Shutterstock.


Justin O'Connell is the founder of financial technology focused CryptographicAsset.com.
Justin organized the launch of the largest Bitcoin ATM hardware and software provider in the world at the historical Hotel del Coronado in southern California.
His works appear in the U.S.'s third largest weekly, the San Diego Reader, VICE and elsewhere.

Hacktivists represent a broad range of personalities and goals. They’ve recently played a greater role in the collective consciousness as cyber attacks on banks and governments become a more regular occurrence.

1. Edward Snowden

President Obama once said of Edward Snowden: “I’m not going to be scrambling jets to get a 29-year-old hacker.”

Edward Snowden became notorious after blowing the whistle on mass surveillance in the United States and abroad. It’s been estimated that, since the whistleblowing, Snowden is one of the most powerful figures on Twitter.

2. Aaron Swartz

American hacktivist Aaron Swartz took part in the development of the web feed format RSS, as well as the organization Creative Commons. A partner in Reddit, he ultimately committed suicide while under federal investigation for data theft.

Arrested by MIT police on January 6, 2011, Swartz faced breaking-and-entering charges for installing a computer in an Institute closet to download academic journal articles from JSTOR. Federal prosecutors charged him with two counts of wire fraud and eleven violations of the Computer Fraud and Abuse Act.

Swartz faced $1 million in fines and 35 years in prison. Swartz declined a plea bargain under which he would have served six months in federal prison. Two days after the prosecution rejected his counteroffer, he was found dead by hanging in his Brooklyn apartment. In June 2013, Swartz was posthumously inducted into the Internet Hall of Fame.

3. The Jester

Who The Jester is, nobody knows. He claims responsibility for many, many DoS (Denial of Service) attacks against WikiLeaks, Islamist sites, homophobic sites and the President of Iran. He also claims responsibility for developing the DoS software XerXes.

With WikiLeaks in the news, it almost makes you wonder: Where’s The Jester now?

4. Barrett Brown

Barrett Brown worked closely with Anonymous. The former writer was not a formidable coder or hacker, but he became a marketing figure for the hacking group, including news appearances. Brown has faced numerous charges related to hacking. In January 2015, he was sentenced to 63 months.

5. Hector Xavier Monsegur (Sabu)

Sabu co-founded LulzSec, going on to receive press attention after a 50-day hacking spurt targeting the likes of the CIA, Fox, Stratfor, the US Senate and others. Sabu later turned away from hacktivism, becoming an informant for the FBI and working for them for more than ten months.

6. Jake Davis (Topiary)

This once-active member of Anonymous moved on to LulzSec. During a court appearance in 2011, he pleaded guilty to a charge related to a hack on the Serious Organised Crime Agency’s (SOCA) website. Davis ran the LulzSec Twitter account. Details on his computer linked him to a hack of Sony.

7. Oxblood Ruffin

Canadian hacker Oxblood Ruffin is the “Foreign Minister” of the Cult of the Dead Cow network, a hacktivist group. Oxblood can often be seen in the media criticizing the actions of Anonymous and LulzSec.

8. Deric Lostutter (KYAnonymous)

When two members of an Ohio high school football team were charged with the rape of an intoxicated 16-year-old girl, Lostutter helped leak a video of two Ohio high school football players joking about the rape. He faces charges for hacking a fan page of the football team and could face a 10-year prison sentence.

9. Rop Gonggrijp

This Dutch hacker speaks out against government surveillance of citizens and the lack of security in public electronic voting systems. He became a well-known teenage hacker and even appeared in Jan Jacobs’s book Kraken en Computers (Hacking and Computers, Veen uitgevers 1985, ISBN 90-204-2651-6), which details the early hacking scene in the Netherlands. Authorities in the Netherlands and the United States considered him a “major security threat.”

10. Jacob Appelbaum

Appelbaum, a Cult of the Dead Cow member, is reportedly a key player behind Tor and now an American journalist. He is the co-founder of the San Francisco hackerspace Noisebridge and has worked for kink.com and Greenpeace. Appelbaum was a trusted confidant of NSA’s Edward Snowden and had access to Snowden’s top secret documents during the 2013 global surveillance disclosure.

11. Gary McKinnon

McKinnon is responsible for what’s called the “biggest military computer hack of all time.” He hacked almost 100 American military and NASA servers in 13 months from 2001 to 2002. His goal while hacking NASA was to discover evidence of extraterrestrials.

“A NASA photographic expert said that there was a Building 8 at Johnson Space Center where they regularly airbrushed out images of UFOs from the high-resolution satellite imaging,” he said. “I logged on to NASA and was able to access this department. They had huge, high-resolution images stored in their picture files. They had filtered and unfiltered, or processed and unprocessed, files.”

12. John McAfee

The 2016 presidential candidate John McAfee had a run-in with authorities whom he claims set him up for murder. He hacked every major computer in the Belize government bureaucracies to prove his innocence. He found evidence that implicated officials in corruption, laundering, drug running and murder. He organized his own escape out of Belize to avoid arrest. He recently posted on social media that he had gotten into a shootout with police, though this was a joke.


A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members is biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.